summaryrefslogtreecommitdiff
path: root/src/arch
diff options
context:
space:
mode:
authorCyrille Bagard <nocbos@gmail.com>2009-04-12 19:15:35 (GMT)
committerCyrille Bagard <nocbos@gmail.com>2009-04-12 19:15:35 (GMT)
commit216a3d0121fabd678e50ea6b4fa2447ae9b921f0 (patch)
tree395fcd91b674ff5652e34b46207ba08cc9e7af68 /src/arch
parentedac614a164d9cac345d914f4320d71bdb16ab79 (diff)
Created a debugging layout and introduced a heavier use of GLib.
git-svn-id: svn://svn.gna.org/svn/chrysalide/trunk@58 abbe820e-26c8-41b2-8c08-b7b2b41f8b0a
Diffstat (limited to 'src/arch')
-rw-r--r--src/arch/Makefile.am2
-rw-r--r--src/arch/x86/Makefile.am2
-rw-r--r--src/arch/x86/instruction.h2
-rw-r--r--src/arch/x86/op_int.c43
-rw-r--r--src/arch/x86/op_jump.c37
-rw-r--r--src/arch/x86/opcodes.h6
-rw-r--r--src/arch/x86/processor.c2
7 files changed, 92 insertions, 2 deletions
diff --git a/src/arch/Makefile.am b/src/arch/Makefile.am
index a7134b6..2f7f072 100644
--- a/src/arch/Makefile.am
+++ b/src/arch/Makefile.am
@@ -12,7 +12,7 @@ libarch_a_SOURCES = \
libarch_a_CFLAGS = $(AM_CFLAGS)
-INCLUDES =
+INCLUDES = $(LIBGTK_CFLAGS)
AM_CPPFLAGS =
diff --git a/src/arch/x86/Makefile.am b/src/arch/x86/Makefile.am
index a061438..e2847ab 100644
--- a/src/arch/x86/Makefile.am
+++ b/src/arch/x86/Makefile.am
@@ -43,7 +43,7 @@ libarchx86_a_SOURCES = \
libarchx86_a_CFLAGS = $(AM_CFLAGS)
-INCLUDES =
+INCLUDES = $(LIBGTK_CFLAGS)
AM_CPPFLAGS =
diff --git a/src/arch/x86/instruction.h b/src/arch/x86/instruction.h
index 3823a90..c54d626 100644
--- a/src/arch/x86/instruction.h
+++ b/src/arch/x86/instruction.h
@@ -100,6 +100,7 @@ typedef enum _X86Opcodes
X86_OP_JE_8, /* je (0x74) */
X86_OP_JNE_8, /* jne (0x75) */
+ X86_OP_JG_REL8, /* jg (0x7f) */
X86_OP_XOR_RM8_IMM8, /* xor (0x80 6) */
X86_OP_CMP_RM8_IMM8, /* cmp (0x80 7) */
@@ -167,6 +168,7 @@ typedef enum _X86Opcodes
X86_OP_LEAVE, /* leave (0xc9) */
+ X86_OP_INT_3, /* int 3 (0xcc) */
X86_OP_INT, /* int (0xcd) */
X86_OP_SHL_RM1632_CL, /* shl ([0x66] 0xd3 4) */
diff --git a/src/arch/x86/op_int.c b/src/arch/x86/op_int.c
index 7c2ae1d..4fdb73a 100644
--- a/src/arch/x86/op_int.c
+++ b/src/arch/x86/op_int.c
@@ -63,3 +63,46 @@ asm_x86_instr *x86_read_instr_int(const uint8_t *data, off_t *pos, off_t len, ui
return result;
}
+
+
+/******************************************************************************
+* *
+* Paramètres : data = flux de données à analyser. *
+* pos = position courante dans ce flux. [OUT] *
+* len = taille totale des données à analyser. *
+* offset = adresse virtuelle de l'instruction. *
+* proc = architecture ciblée par le désassemblage. *
+* *
+* Description : Décode une instruction de type 'int 3'. *
+* *
+* Retour : Instruction mise en place ou NULL. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+asm_x86_instr *x86_read_instr_int_3(const uint8_t *data, off_t *pos, off_t len, uint64_t offset, const asm_x86_processor *proc)
+{
+ asm_x86_instr *result; /* Instruction à retourner */
+ asm_x86_operand *op; /* Opérande unique décodé */
+
+ result = (asm_x86_instr *)calloc(1, sizeof(asm_x86_instr));
+
+ ASM_INSTRUCTION(result)->opcode = data[(*pos)++];
+
+ op = create_new_x86_operand();
+ if (!fill_imm_operand_with_value(ASM_OPERAND(op), AOS_8_BITS, (int []) { 3 }))
+ {
+ free(op);
+ free(result);
+ return NULL;
+ }
+
+ ASM_INSTRUCTION(result)->operands = (asm_operand **)calloc(1, sizeof(asm_operand *));
+ ASM_INSTRUCTION(result)->operands_count = 1;
+
+ ASM_INSTRUCTION(result)->operands[0] = ASM_OPERAND(op);
+
+ return result;
+
+}
diff --git a/src/arch/x86/op_jump.c b/src/arch/x86/op_jump.c
index 44256e9..4a7fc72 100644
--- a/src/arch/x86/op_jump.c
+++ b/src/arch/x86/op_jump.c
@@ -112,6 +112,43 @@ asm_x86_instr *x86_read_instr_je_8(const uint8_t *data, off_t *pos, off_t len, u
* offset = adresse virtuelle de l'instruction. *
* proc = architecture ciblée par le désassemblage. *
* *
+* Description : Décode une instruction de type 'jg' (saut 8b si supérieur). *
+* *
+* Retour : Instruction mise en place ou NULL. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+asm_x86_instr *x86_read_instr_jg_rel8(const uint8_t *data, off_t *pos, off_t len, uint64_t offset, const asm_x86_processor *proc)
+{
+ asm_x86_instr *result; /* Instruction à retourner */
+
+ result = (asm_x86_instr *)calloc(1, sizeof(asm_x86_instr));
+
+ ASM_INSTRUCTION(result)->opcode = data[(*pos)++];
+
+ ASM_INSTRUCTION(result)->type = AIT_JUMP;
+
+ if (!x86_read_one_operand(result, data, pos, len, X86_OTP_REL8, offset))
+ {
+ free(result);
+ return NULL;
+ }
+
+ return result;
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : data = flux de données à analyser. *
+* pos = position courante dans ce flux. [OUT] *
+* len = taille totale des données à analyser. *
+* offset = adresse virtuelle de l'instruction. *
+* proc = architecture ciblée par le désassemblage. *
+* *
* Description : Décode une instruction de type 'jnb' (saut 8b si !inférieur).*
* *
* Retour : Instruction mise en place ou NULL. *
diff --git a/src/arch/x86/opcodes.h b/src/arch/x86/opcodes.h
index f7d91ac..51af021 100644
--- a/src/arch/x86/opcodes.h
+++ b/src/arch/x86/opcodes.h
@@ -91,6 +91,9 @@ asm_x86_instr *x86_read_instr_hlt(const uint8_t *, off_t *, off_t, uint64_t, con
/* Décode une instruction de type 'inc'. */
asm_x86_instr *x86_read_instr_inc_r1632(const uint8_t *, off_t *, off_t, uint64_t, const asm_x86_processor *);
+/* Décode une instruction de type 'int 3'. */
+asm_x86_instr *x86_read_instr_int_3(const uint8_t *, off_t *, off_t, uint64_t, const asm_x86_processor *);
+
/* Décode une instruction de type 'int'. */
asm_x86_instr *x86_read_instr_int(const uint8_t *, off_t *, off_t, uint64_t, const asm_x86_processor *);
@@ -100,6 +103,9 @@ asm_x86_instr *x86_read_instr_jb_rel8(const uint8_t *, off_t *, off_t, uint64_t,
/* Décode une instruction de type 'je' (petit saut). */
asm_x86_instr *x86_read_instr_je_8(const uint8_t *, off_t *, off_t, uint64_t, const asm_x86_processor *);
+/* Décode une instruction de type 'jg' (saut 8b si supérieur). */
+asm_x86_instr *x86_read_instr_jg_rel8(const uint8_t *, off_t *, off_t, uint64_t, const asm_x86_processor *);
+
/* Décode une instruction de type 'jnb' (saut 8b si !inférieur). */
asm_x86_instr *x86_read_instr_jnb_rel8(const uint8_t *, off_t *, off_t, uint64_t, const asm_x86_processor *);
diff --git a/src/arch/x86/processor.c b/src/arch/x86/processor.c
index 9bb3a23..15d26a4 100644
--- a/src/arch/x86/processor.c
+++ b/src/arch/x86/processor.c
@@ -301,6 +301,7 @@ void x86_register_instructions(asm_x86_processor *proc)
register_opcode(proc->opcodes[X86_OP_JE_8], 0x74, "je", x86_read_instr_je_8);
register_opcode(proc->opcodes[X86_OP_JNE_8], 0x75, "jne", x86_read_instr_jne_8);
+ register_opcode(proc->opcodes[X86_OP_JG_REL8], 0x7f, "jg", x86_read_instr_jg_rel8);
register_opcode_with_ext(proc->opcodes[X86_OP_XOR_RM8_IMM8], 0x80, 6, "xor", x86_read_instr_xor_rm8_with_imm8);
register_opcode_with_ext(proc->opcodes[X86_OP_CMP_RM8_IMM8], 0x80, 7, "cmp", x86_read_instr_cmp_rm8_with_imm8);
@@ -368,6 +369,7 @@ void x86_register_instructions(asm_x86_processor *proc)
register_opcode(proc->opcodes[X86_OP_LEAVE], 0xc9, "leave", x86_read_instr_leave);
+ register_opcode(proc->opcodes[X86_OP_INT_3], 0xcc, "int", x86_read_instr_int_3);
register_opcode(proc->opcodes[X86_OP_INT], 0xcd, "int", x86_read_instr_int);
register_opcode_1632_with_ext(proc->opcodes[X86_OP_SHL_RM1632_CL], 0xd3, 4, "shl", x86_read_instr_shl_rm1632_cl);